Browse Prior Art Database

The MD2 Message-Digest Algorithm (RFC1319) Disclosure Number: IPCOM000002140D
Original Publication Date: 1992-Apr-01
Included in the Prior Art Database: 2000-Sep-12
Document File: 14 page(s) / 23K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

B. Kaliski: AUTHOR


Status of this Memo

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 11% of the total text.

Network Working Group B. Kaliski

Request for Comments: 1319 RSA Laboratories

Updates: RFC 1115 April 1992

The MD2 Message-Digest Algorithm

Status of this Memo

This memo provides information for the Internet community. It does

not specify an Internet standard. Distribution of this memo is



The description of MD2 is based on material prepared by John Linn and

Ron Rivest. Their permission to incorporate that material is greatly


Table of Contents

1. Executive Summary 1

2. Terminology and Notation 2

3. MD2 Algorithm Description 2

4. Summary 4

References 5

APPENDIX A - Reference Implementation 5

Security Considerations 17

Author's Address 17

1. Executive Summary

This document describes the MD2 message-digest algorithm. The

algorithm takes as input a message of arbitrary length and produces

as output a 128-bit "fingerprint" or "message digest" of the input.

It is conjectured that it is computationally infeasible to produce

two messages having the same message digest, or to produce any

message having a given prespecified target message digest. The MD2

algorithm is intended for digital signature applications, where a

large file must be "compressed" in a secure manner before being

signed with a private (secret) key under a public-key cryptosystem

such as RSA.

License to use MD2 is granted for non-commerical Internet Privacy-

Enhanced Mail [1-3].

This document is an update to the August 1989 RFC 1115 [3], which

also gives a reference implementation of MD2. The main differences

are that a textual description of MD2 is included, and that the

reference implementation of MD2 is more portable.

For OSI-based applications, MD2's object identifier is


iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2}

In the X.509 type AlgorithmIdentifier [4], the parameters for MD2

should have type NULL.

2. Terminology and Notation

In this document, a "byte" is an eight-bit quantity.

Let x_i denote "x sub i". If the subscript is an expression, we

surround it in braces, as in x_{i+1}. Simila...